graph-connect-api
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local script
.claude/scripts/code_graphusing Python to process project data and generate graph edges. This execution is confined to the local project environment and aligns with the tool's primary purpose. - [PROMPT_INJECTION]: Analysis identifies a surface for indirect prompt injection due to the ingestion of untrusted source code and configuration files.
- Ingestion points: Processes project files including frontend components (Angular, React, Vue, Svelte, Next.js), backend controllers (.NET, Spring, Express, FastAPI, Django, Rails, Go), and
docs/project-config.json. - Boundary markers: No specific delimiters or instructions are provided to the agent to treat the analyzed code as untrusted data rather than instructions.
- Capability inventory: The skill has access to
Bash(for executing the local graph tool) andRead(for file scanning). - Sanitization: No sanitization or filtering logic is specified for the code content retrieved during the connection detection process.
Audit Metadata